axis-java-dev mailing list archives

From Maicon Stihler
Subject establishing trust between two or more standalone STS
Date Fri, 05 Aug 2011 20:23:28 GMT

I want to use Apache Rampart to establish a federated environment, but
I'm having trouble finding details on how to operate the STS in a
standalone setup.

In this scenario, I would create as many STS as there are security 
domains, and establish trust relationships between them all. Thus the 
users from each security domain could obtain security tokens to access 
services on different security domains.

Reading the documentation on the Rampart web site, it is not very clear
how the STS is operated (e.g. how do I create a custom STS that runs
separately from the relying party? Or how do I tell the STS who should be
trusted when validating tokens from other STSs?)

From the samples, it seems that the STS is embedded in Rampart itself,
but I want to create an STS that acts as an attribute authority (i.e. it
would retrieve attributes about subjects from a custom DB like LDAP,
PgSQL, etc).

I apologise for such a basic question. I've been reading about
WS-Federation (more precisely, the active requestor profile), but I
couldn't find any implementation for it, so I thought about emulating
part of it (not the metadata about the federation, autoconfiguration
based on policies, etc) using Apache Rampart. I thank you in advance for
any tips or directions to other resources on this subject.

Best regards,
Maicon Stihler
